An n8n community node for integrating with Permit.io authorization service. This node allows you to check permissions, retrieve user permissions, and get authorized users directly within your n8n workflows.
- Check Permissions: Verify if a user has permission to perform a specific action on a resource
- Get User Permissions: Retrieve all permissions for a specific user across tenants and resources
- Get Authorized Users: Find all users authorized to perform a specific action on a resource type
- Go to Settings > Community Nodes in your n8n instance
- Select Install
- Enter
n8n-nodes-permitio - Select Install
After installation restart n8n to register the new nodes.
To get started install the package in your n8n root directory:
npm install n8n-nodes-permitioFor Docker-based deployments add the following line before the font installation command in your n8n Dockerfile:
RUN cd /usr/local/lib/node_modules/n8n && npm install n8n-nodes-permitioBefore using the Permit node, you need to configure your Permit.io credentials:
- In n8n, go to Credentials and create new Permit API credentials
- Fill in the required fields:
- API Key: Your Permit.io API key (get it from Permit Dashboard)
- PDP URL: Policy Decision Point URL (defaults to
https://cloudpdp.api.permit.io)
- Log in to your Permit.io Dashboard
- Navigate to the Settings section
- Copy your API Key
- For local development, you may need to run a local PDP instance
Verifies if a user has permission to perform a specific action on a resource.
Parameters:
- User (required): User identifier (email or user key)
- Action (required): Action to check (e.g., "read", "write", "delete")
- Resource (required): Resource type to check access to (e.g., "document", "file")
- Tenant (optional): Tenant identifier (defaults to "default")
Example Response:
{
"allow": true,
"reason": "user '[email protected]' has the role 'editor' in tenant 'default', role 'editor' has the 'read' permission on resources of type 'document'"
}Retrieves all permissions for a specific user across all tenants.
Parameters:
- User (required): User identifier to get permissions for
- Resource Types (optional): Comma-separated list of resource types to filter by (e.g., "document,folder,__tenant")
- Enable ABAC (optional): Enable Attribute-Based Access Control for more detailed permissions
Special Resource Types:
- Use
__tenantto include tenant-level permissions (admin, management permissions) - Leave empty to get permissions for all resource types
Example Response:
{
"tenant1": {
"document": {
"doc1": ["read", "write"],
"doc2": ["read"]
},
"__tenant": {
"tenant1": ["admin"]
}
}
}Finds all users authorized to perform a specific action on a resource type.
Parameters:
- Action (required): Action to check authorization for (e.g., "read", "write")
- Resource Type (required): Type of resource (e.g., "document", "folder")
- Tenant (optional): Tenant identifier (defaults to "default")
- Resource Attributes (optional): JSON object with resource attributes for filtering
- Enable ABAC (optional): Enable Attribute-Based Access Control
Example Resource Attributes:
{
"cost": 1000,
"department": "engineering"
}Example Response:
[
{
"user": {
"key": "[email protected]",
"email": "[email protected]"
},
"role": "editor"
},
{
"user": {
"key": "[email protected]",
"email": "[email protected]"
},
"role": "admin"
}
]- Add a Manual Trigger node
- Add the Permit node and select Check operation
- Configure:
- User:
[email protected] - Action:
read - Resource:
document - Tenant:
default
- User:
- Add an IF node to handle the permission result based on the
allowfield
- Use Get User Permissions operation
- Set Resource Types to
document,folder,__tenantto get comprehensive permissions - Process the response to create permission reports or dashboards
Contributions are welcome! Please read our contributing guidelines and submit pull requests to our GitHub repository.
Built with ❤️ for the n8n community